Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/grWVOnXsISeQ8PQtZNX5iNEog_I.roa
File: grWVOnXsISeQ8PQtZNX5iNEog_I.roa (raw, json)
Hash identifier: PRFuW/vKMtq7T1kLmgi+8DOtoKNroBOw7dLv21dh7G8=
Subject key identifier: 82:B5:95:3A:75:EC:21:27:90:F0:F4:2D:64:D5:F9:88:D1:28:83:F2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018BB53567391F1436734C01C8733E58C429
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/grWVOnXsISeQ8PQtZNX5iNEog_I.roa
Signing time: Thu 09 Nov 2023 17:50:57 +0000
ROA not before: Thu 09 Nov 2023 17:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209294
IP address blocks: 2a0c:b641:310::/44 maxlen: 48
2a0c:b642:4000::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:35:67:39:1f:14:36:73:4c:01:c8:73:3e:58:c4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 9 17:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b5953a75ec212790f0f42d64d5f988d12883f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d2:f6:3a:62:eb:e3:23:48:29:ab:ac:2d:bb:
14:a0:cd:44:fa:f9:53:36:b7:a7:31:dc:df:3a:50:
59:17:fc:bb:18:70:9f:c2:2d:b9:4d:12:e2:47:2a:
4a:ee:19:ad:6f:aa:fd:0b:30:4f:af:92:fb:7e:c5:
7d:0a:f3:df:20:02:83:b4:d8:e0:6e:7c:4a:21:6c:
6f:09:5c:a2:0d:39:4c:78:a6:31:c7:4c:53:47:d4:
b2:f3:d6:51:0e:01:ed:0a:96:51:87:86:ac:8d:13:
c5:4b:7e:3a:2e:c2:70:31:bf:7b:51:bd:59:01:59:
58:7e:fd:7d:9c:f1:98:94:14:93:42:e2:94:a3:f9:
15:70:6a:05:bb:88:86:2e:1d:de:c0:74:2f:f4:79:
8c:9a:ac:f9:a6:1b:94:fc:45:ca:d8:64:18:9b:29:
b3:53:6f:07:f2:a5:14:5d:cf:c4:20:dc:41:cf:55:
90:a4:6f:43:49:18:b3:50:ba:e9:82:71:ce:63:88:
bf:eb:d2:1c:70:7d:d1:6e:28:1a:e8:5c:83:d3:97:
69:f7:d7:73:a5:67:ff:16:aa:ec:c0:e4:58:41:d6:
3a:86:eb:19:3b:bc:27:03:a4:72:5d:51:ec:5c:c7:
e5:a7:6f:98:2f:3e:23:4d:13:4d:9f:a9:ab:5a:e6:
e5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B5:95:3A:75:EC:21:27:90:F0:F4:2D:64:D5:F9:88:D1:28:83:F2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/grWVOnXsISeQ8PQtZNX5iNEog_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:310::/44
2a0c:b642:4000::/36
Signature Algorithm: sha256WithRSAEncryption
42:92:2b:a2:b9:4c:38:c5:d7:5e:e7:6d:7a:bf:71:a3:26:f7:
d3:14:de:40:13:9d:fb:6a:8c:27:f7:c0:9e:df:95:7d:ef:f8:
80:1b:61:18:eb:64:40:1e:81:81:b8:29:3f:32:f1:5d:3c:b6:
16:bd:28:38:d6:4a:ce:01:b0:dc:f2:40:ce:a6:df:0b:e9:bf:
00:d0:62:f6:27:94:5a:e4:db:3a:12:4d:40:a2:b4:93:37:2b:
e8:93:8f:69:6a:74:0b:47:c0:13:32:be:0a:76:bc:43:c3:a8:
f5:bb:84:98:0c:1f:a4:ce:26:9a:39:3d:4c:ae:c4:9e:70:12:
14:9b:ef:ac:f4:6c:a4:a0:02:59:4a:ea:f8:89:dd:bc:a3:9d:
b5:ac:e2:aa:b1:2d:37:af:0a:12:56:bd:6a:7a:6d:2c:9e:a0:
83:05:e6:32:16:ac:48:9c:5e:f9:fa:ae:6f:ee:02:de:34:f8:
77:6c:d0:80:b1:ff:df:5a:2c:93:42:34:8f:4b:28:d0:bb:18:
86:10:28:d4:d7:ac:03:28:e4:31:26:f2:9c:23:bc:ab:a1:51:
bc:fb:88:ba:b3:90:4a:0c:96:34:b9:d8:93:ac:1a:ff:e4:30:
ba:ea:82:de:dc:e8:b8:5f:b3:cd:f6:67:8d:23:ff:c2:45:43:
96:93:2a:09
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYu1NWc5HxQ2c0wByHM+WMQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMxMTA5MTc1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI1OTUzYTc1ZWMyMTI3OTBmMGY0MmQ2NGQ1Zjk4OGQxMjg4M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9L2OmLr4yNIKausLbsUoM1E+vlT
NrenMdzfOlBZF/y7GHCfwi25TRLiRypK7hmtb6r9CzBPr5L7fsV9CvPfIAKDtNjg
bnxKIWxvCVyiDTlMeKYxx0xTR9Sy89ZRDgHtCpZRh4asjRPFS346LsJwMb97Ub1Z
AVlYfv19nPGYlBSTQuKUo/kVcGoFu4iGLh3ewHQv9HmMmqz5phuU/EXK2GQYmymz
U28H8qUUXc/EINxBz1WQpG9DSRizULrpgnHOY4i/69IccH3Rbiga6FyD05dp99dz
pWf/FqrswORYQdY6husZO7wnA6RyXVHsXMflp2+YLz4jTRNNn6mrWublvwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIK1lTp17CEnkPD0LWTV+YjRKIPyMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZ3JXVk9uWHNJU2VROFBRdFpOWDVpTkVvZ19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKgy2QQMQ
AwYEKgy2QkAwDQYJKoZIhvcNAQELBQADggEBAEKSK6K5TDjF117nbXq/caMm99MU
3kATnftqjCf3wJ7flX3v+IAbYRjrZEAegYG4KT8y8V08tha9KDjWSs4BsNzyQM6m
3wvpvwDQYvYnlFrk2zoSTUCitJM3K+iTj2lqdAtHwBMyvgp2vEPDqPW7hJgMH6TO
Jpo5PUyuxJ5wEhSb76z0bKSgAllK6viJ3byjnbWs4qqxLTevChJWvWp6bSyeoIMF
5jIWrEicXvn6rm/uAt40+Hds0ICx/99aLJNCNI9LKNC7GIYQKNTXrAMo5DEm8pwj
vKuhUbz7iLqzkEoMljS52JOsGv/kMLrqgt7c6Lhfs832Z40j/8JFQ5aTKgk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:06 2024 by rpki-client on console-fra.rpki-client.org